registry  /  redmine-devrelay-client  /  0.1.1

redmine-devrelay-client@0.1.1

Redmine REST client used by redmine-devrelay MCP

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface. Runtime network activity is explicit Redmine API access configured by the consumer, with metadata endpoints blocked.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Consumer calls `RedmineClient.fromEnv` and invokes a Redmine client method.
Impact
Reads Redmine data available to the supplied credentials; no unrelated exfiltration or local mutation is present.
Mechanism
Validated GET requests to configured Redmine REST endpoints using the configured API key.
Rationale
Static hints reflect a legitimate Redmine client using environment configuration and network requests. Source inspection shows the cloud-metadata references are denylisted validation checks, not requests, and no concrete malicious behavior is present.
Evidence
package.jsondist/config.jsdist/http.jsdist/client.jsdist/issues.jsdist/index.jsdist/mask.jsdist/errors.js
Network endpoints2
169.254.169.254metadata.google.internal

Decision evidence

public snapshot
AI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • `package.json` has no lifecycle hooks or executable bin entry.
    • `dist/index.js` only re-exports library APIs; import does not initiate requests.
    • `dist/config.js` requires caller-provided Redmine URL/key and rejects metadata/link-local hosts.
    • `dist/http.js` sends GET requests only to the configured Redmine base URL with its supplied API key.
    • `dist/http.js` reads only an optional caller-configured CA certificate and masks the API key in errors.
    • No child-process, eval, dynamic loading, persistence, destructive write, or agent-control code found.
    Behavioral surface
    Source
    ChildProcessEnvironmentVarsFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 8 file(s), 18.2 KB of source, external domains: redmine.example.com

    Source & flagged code

    2 flagged · loading source
    dist/config.jsView file
    4const LOCAL_HTTP_HOSTS = new Set(["localhost", "127.0.0.1", "redmine"]); L5: function isPrivateIpv4(host) { L6: const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host); ... L34: } L35: export function loadConfig(env = process.env) { L36: const urlRaw = env.REDMINE_URL?.trim(); ... L52: message: `Invalid REDMINE_URL: ${urlRaw}`, L53: check: ["Use an absolute URL like https://redmine.example.com"], L54: });
    High
    Cloud Metadata Access

    Source reaches cloud instance metadata or link-local credential endpoints.

    dist/config.jsView on unpkg · L4
    matchType = previous_version_dangerous_delta matchedPackage = redmine-devrelay-client@0.1.0 matchedIdentity = npm:cmVkbWluZS1kZXZyZWxheS1jbGllbnQ:0.1.0 similarity = 0.857 summary = stored previous version shares package body but lacks this dangerous source file
    High
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/config.jsView on unpkg

    Findings

    2 High2 Medium4 Low
    HighCloud Metadata Accessdist/config.js
    HighPrevious Version Dangerous Deltadist/config.js
    MediumNetwork
    MediumEnvironment Vars
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings